Full-Time

Sr SRE Security Engineer

Posted on 5/23/2024

DoubleVerify

DoubleVerify

1,001-5,000 employees

Digital media measurement and analytics software

Data & Analytics

Compensation Overview

$102k - $202kAnnually

+ Bonus + Equity

Senior

New York, NY, USA

Required Skills
PowerShell
Bash
Python
Communications
Management
AWS
JIRA
Terraform
Ansible
Development Operations (DevOps)
Linux/Unix
Google Cloud Platform
Requirements
  • 7+ years as a Security Engineer \ SRE \ DevOps engineer
  • 4-6 years of related experience in vulnerability management and remediation
  • Hands-on Experience with patching and hardening Linux, Windows, and ESXi servers
  • Experience with building, configuring, and managing patch management tools
  • High proficiency within cloud environments - with a preference for GCP and AWS
  • Proficiency in automation and configuration management tools (e.g Ansible,Terraform, Puppet)
  • Proficiency in scripting languages, including Bash, Python and/or PowerShell
  • 1-2 years developing playbooks, runbooks, and troubleshooting technical issues
  • Ability to grasp new technologies quickly and prioritize and multitask on multiple responsibilities
  • Effective documentation skills, including technical diagrams and written descriptions
  • Experience analyzing vulnerabilities and adjusting the risk rating/severity dependent on internal factors
  • Experience defining Operating System Baseline Configuration standards such as the Center for Internet Security (CIS) Critical Security Controls Scanning within various scanning technologies and working with appropriate teams to remediate and report on the results
  • Proficient in firewall management, with hands-on experience in configuration and optimization to ensure network security
  • Familiarity with ITSM solutions, including platforms like Jira and Freshdesk
  • Clear communication and collaboration abilities for cross-functional teamwork
  • Critical thinking and ability to balance security requirements with mission needs
  • Exceptional organizational skills demonstrated through adept autonomy, independent work, collaborative teamwork, and an unwavering professional demeanor
Responsibilities
  • Work closely and in full coordination with multiple departments, SRE, Operation, DevOps, and Network teams to produce a highly secure posture
  • Handle, prioritize, and effectively bring security vulnerabilities to resolution for Production, Staging, and Dev environments; you will play an active part in resolving them
  • Develop, update, and guide procedures for security enhancements, test these procedures, and facilitate their handover to the operations team for complete remediation
  • Review vulnerabilities and data from various sources (e.g., vulnerability scanning, penetration testing) across different technologies and environments to assess the risk level to business assets and help remediate them
  • Build, configure, and manage vulnerability management tools within company environments, serving as the subject matter expert for vulnerability management queries
  • Be the go-to expert for implementing security agents on Production, Staging, and Dev environments, ensuring the security of these assets throughout their lifecycle. (Such as configuring and troubleshooting any security solution agent & authentication issues)
  • Proficiently managed security aspects of Linux, Windows, and ESXi servers, including patch management and fundamental security practices
  • Execute OS patching and work towards automating this process, following a thorough testing and deployment cycle across development, staging, and production environments, which include proper notification and auditing process
  • Implement technical solutions to automate repetitive tasks
  • Undertake notifications and audits related to security work and maintain a proactive and organized approach
  • Manage and follow up on tickets related to remediation or hardening requests
  • Provide analysis of Information Security vulnerabilities and determine true or false positives, and work with appropriate teams for remediation
  • Engage actively in Proof of Concept initiatives to assess and onboard novel security solutions. Offer technical expertise to ensure effective deployment and alignment with security goals. Document findings comprehensively and conduct thorough comparisons of potential solutions, aiding the team in making informed decisions
  • Help focus the engineering teams on working on high-value security issues and avoid toiling on non-security issues
  • Demonstrate self-management skills to effectively track and report on work and time allocation

DoubleVerify excels in providing a software platform for digital media measurement and analytics, focusing on inventory quality, fraud detection, viewability, brand safety, and suitability. With its dedicated Fraud Lab and Semantic Science teams, the company leads in developing solutions that cater to the unique needs of brands, advertisers, marketplaces, and publishers. This focus on high-quality metrics and data integrity makes it an ideal workplace for professionals passionate about advancing digital media transparency and effectiveness.

Company Stage

IPO

Total Funding

$981.6M

Headquarters

New York, New York

Founded

2008

Growth & Insights
Headcount

6 month growth

7%

1 year growth

16%

2 year growth

35%